Tuesday, 2018-08-21

*** hongbin has joined #openstack-meeting-3		00:26
*** macza has quit IRC		00:41
*** yamahata has quit IRC		01:22
*** yamahata has joined #openstack-meeting-3		01:33
*** isq has quit IRC		01:54
*** isq has joined #openstack-meeting-3		02:02
*** gcb_ has joined #openstack-meeting-3		02:07
*** yamahata has quit IRC		02:15
*** apetrich has quit IRC		02:27
*** markvoelker has joined #openstack-meeting-3		03:01
*** psachin has joined #openstack-meeting-3		03:06
*** jamesmcarthur has joined #openstack-meeting-3		03:15
*** jamesmcarthur has quit IRC		03:19
*** diablo_rojo has quit IRC		03:21
*** hongbin has quit IRC		04:10
*** psachin has quit IRC		04:27
*** markvoelker has quit IRC		04:32
*** markvoelker has joined #openstack-meeting-3		04:43
*** markvoelker has quit IRC		04:52
*** psachin has joined #openstack-meeting-3		05:14
*** Luzi has joined #openstack-meeting-3		05:51
*** yamahata has joined #openstack-meeting-3		06:07
*** alexchadin has joined #openstack-meeting-3		06:27
*** pcaruana has joined #openstack-meeting-3		06:42
*** tssurya has joined #openstack-meeting-3		06:52
*** qwebirc21340 has quit IRC		07:08
*** jamesmcarthur has joined #openstack-meeting-3		07:15
*** jamesmcarthur has quit IRC		07:20
*** alexchadin has quit IRC		07:21
*** alexchadin has joined #openstack-meeting-3		07:32
*** macza has joined #openstack-meeting-3		08:06
*** e0ne has joined #openstack-meeting-3		08:10
*** macza has quit IRC		08:11
*** macza has joined #openstack-meeting-3		08:48
*** alexchadin has quit IRC		08:53
*** macza has quit IRC		08:53
*** macza has joined #openstack-meeting-3		09:09
*** macza has quit IRC		09:14
*** alexchadin has joined #openstack-meeting-3		09:14
*** apetrich has joined #openstack-meeting-3		09:23
*** macza has joined #openstack-meeting-3		09:30
*** macza has quit IRC		09:35
*** macza has joined #openstack-meeting-3		10:12
*** jamesmcarthur has joined #openstack-meeting-3		10:15
*** macza has quit IRC		10:16
*** jamesmcarthur has quit IRC		10:20
*** alexchadin has quit IRC		10:25
*** macza has joined #openstack-meeting-3		10:33
*** alexchadin has joined #openstack-meeting-3		10:36
*** macza has quit IRC		10:38
*** macza has joined #openstack-meeting-3		10:54
*** macza has quit IRC		10:59
*** zchkun has joined #openstack-meeting-3		11:13
*** zchkun has quit IRC		11:13
*** macza has joined #openstack-meeting-3		11:35
*** e0ne has quit IRC		11:36
*** macza has quit IRC		11:40
*** macza has joined #openstack-meeting-3		12:04
*** numans_ has joined #openstack-meeting-3		12:07
*** macza has quit IRC		12:08
*** numans has quit IRC		12:10
*** macza has joined #openstack-meeting-3		12:11
*** macza has quit IRC		12:12
*** raildo has joined #openstack-meeting-3		12:17
*** Luzi has quit IRC		12:28
*** moguimar has quit IRC		12:31
*** macza has joined #openstack-meeting-3		12:35
*** Luzi has joined #openstack-meeting-3		12:35
*** macza has quit IRC		12:40
*** jamesmcarthur has joined #openstack-meeting-3		12:47
*** jamesmcarthur has quit IRC		13:04
*** moguimar has joined #openstack-meeting-3		13:09
*** psachin has quit IRC		13:17
*** rossella_s has joined #openstack-meeting-3		13:19
*** apetrich has quit IRC		13:33
*** e0ne has joined #openstack-meeting-3		13:40
*** jamesmcarthur has joined #openstack-meeting-3		13:44
*** alexchadin has quit IRC		13:55
*** alexchadin has joined #openstack-meeting-3		13:58
*** alexchadin has quit IRC		14:13
*** alexchadin has joined #openstack-meeting-3		14:13
*** Luzi has quit IRC		14:23
*** munimeha1 has joined #openstack-meeting-3		14:27
*** Luzi has joined #openstack-meeting-3		14:36
*** Luzi has quit IRC		14:37
*** spilla has joined #openstack-meeting-3		14:46
*** gagehugo has joined #openstack-meeting-3		14:51
*** alexchadin has quit IRC		14:56
*** hongbin has joined #openstack-meeting-3		14:56
*** yamahata has quit IRC		14:57
*** jamesmcarthur has quit IRC		14:57
*** alexchadin has joined #openstack-meeting-3		14:57
raildo	#startmeeting oslo-config-plaintext-secrets	15:00
openstack	Meeting started Tue Aug 21 15:00:13 2018 UTC and is due to finish in 60 minutes. The chair is raildo. Information about MeetBot at http://wiki.debian.org/MeetBot.	15:00
openstack	Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.	15:00
*** openstack changes topic to " (Meeting topic: oslo-config-plaintext-secrets)"		15:00
raildo	o/	15:00
openstack	The meeting name has been set to 'oslo_config_plaintext_secrets'	15:00
moguimar	o/	15:00
spilla	o/	15:01
*** electrichead has joined #openstack-meeting-3		15:01
electrichead	o/	15:01
* electrichead is aka redrobot		15:01
electrichead	having bouncer issues ... :-\	15:01
raildo	#link https://etherpad.openstack.org/p/oslo-config-plaintext-secrets	15:01
moguimar	dhellmann bnemec	15:02
dhellmann	o/	15:02
raildo	hey folks :)	15:02
raildo	#topic status update	15:02
*** openstack changes topic to "status update (Meeting topic: oslo-config-plaintext-secrets)"		15:02
*** alexchadin has quit IRC		15:03
raildo	I updated the spec for stein: https://review.openstack.org/#/c/474304/ updating the phase 0 status and moving that spec for the stein repo	15:03
raildo	we still need wait for the Denver PTG to get some agreements about the mutable values, so we can focus on approve this spec	15:04
raildo	moguimar, do you want to talk about the PoC for testing oslo.config driver?	15:04
bnemec	o/	15:04
moguimar	sure	15:04
moguimar	I've setup a remote_file server using docker, nginx and flask	15:05
moguimar	https://github.com/moisesguimaraes/oslo.config-drivers-samples	15:05
moguimar	#link https://github.com/moisesguimaraes/oslo.config-drivers-samples	15:05
moguimar	the nginx does the tls checks	15:06
moguimar	the flask app has a crud for configs	15:06
moguimar	the config is a simple (id, domain_name, conf)	15:06
* gagehugo lurks		15:06
moguimar	so the server returns configs based on the subject domain name of the client certificate	15:07
*** jamesmcarthur has joined #openstack-meeting-3		15:07
dhellmann	are you planning to implement a CI job based on that?	15:08
moguimar	that can be used to demo the remote_file driver	15:08
moguimar	should I?	15:08
dhellmann	oh, I don't know, I was just curious	15:08
moguimar	I'll work on a demo on my own, just for curiosity	15:09
*** pcaruana has quit IRC		15:09
raildo	dhellmann, that would be great, but I'm not sure if we'll be able to that upstream, like setting an nginx server and so on, maybe we can evaluate how to adjust it for a CI job	15:09
bnemec	Python has a very simple HTTP server built in. Seems like we should be able to use that for a test job.	15:10
dhellmann	yeah, upstream might just want to reuse whatever devstack does to configure a web front-end for the services	15:10
moguimar	as I'd like to learn a little about datadog, I would like to see nodes status and they trying to fetch config every x seconds	15:10
dhellmann	bnemec : that's a good idea, too, although I don't know about the SSL stuff for that	15:10
bnemec	https://docs.python.org/2/library/simplehttpserver.html	15:10
bnemec	Yeah, I was thinking just to have basic coverage of this functionality.	15:10
raildo	#action raildo to investigate more about https://docs.python.org/2/library/simplehttpserver.html	15:11
moguimar	simplehttpserver does that job well, the PoC I was working on is something more visual	15:13
raildo	the next steps for now, will be investigating/playing with castellan-vault and other backends, so we can be more understand more about castellan and start the castellan driver implementation	15:13
moguimar	I did that castellan deep dive today	15:13
moguimar	can you set the topic for it raildo ?	15:14
moguimar	after status update	15:14
raildo	#topic castellan deep dive	15:14
*** openstack changes topic to "castellan deep dive (Meeting topic: oslo-config-plaintext-secrets)"		15:14
moguimar	good	15:14
moguimar	I cloned the castellan repo and looked into the code	15:14
moguimar	it stores/retrieves values from vault with a unique ID	15:15
moguimar	the IDs are generated with uuid.uuid4().hex	15:15
moguimar	so I think that the mapping file using the castellan driver should contain option_name=option_id	15:16
*** sambetts\|afk is now known as sambetts		15:16
moguimar	then we just forward the get to castellan	15:16
moguimar	using the secret's id	15:16
dhellmann	that makes sense	15:17
moguimar	I hope this approach doesn't care which backend castellan is talking to	15:17
moguimar	so the castellan driver would work for both vault and barbican	15:18
moguimar	I	15:18
dhellmann	do the id values change format based on the driver at all?	15:18
raildo	moguimar, yeah, that's why we have to use the castellan reference_id	15:18
dhellmann	like sometimes they are uuid and sometimes just numbers?	15:18
moguimar	will check that	15:18
moguimar	haven't poked the barbican_key_manager file yet	15:18
dhellmann	ok	15:18
dhellmann	I suspect they don't, but wouldn't want to assume so	15:19
dhellmann	I guess if we just don't worry about what's in the string for the value it won't matter if the format changes	15:19
dhellmann	as long as it can be expressed as a value in an ini file we should be safe reading it	15:19
raildo	dhellmann, I think that all of that are using uuid, but would be nice double check that as well	15:19
raildo	dhellmann, ++	15:19
moguimar	I still have a lot of tests being skipped in tox for castellan	15:20
moguimar	so I'll poke the castellan folks to find out how to setup vault and barbican for the skipped castellan tests	15:20
raildo	moguimar, notice that you have to explicitly enable the vault tests for castellan on tox	15:21
raildo	there is an option on tox for castellan to run the vault tests	15:21
raildo	#link https://github.com/openstack/castellan/blob/master/tox.ini#L75	15:21
moguimar	yup	15:22
moguimar	I'll try that one	15:22
raildo	great	15:22
raildo	#topic Open Discussion	15:23
*** openstack changes topic to "Open Discussion (Meeting topic: oslo-config-plaintext-secrets)"		15:23
moguimar	I supose the full tests also test vault, but it looks for some ENV vars	15:23
moguimar	as I can see the skipped message	15:23
moguimar	that's all I have	15:23
raildo	it doesn't since it's necessary a vault server, and root key for vault	15:23
raildo	so it'll run the functional tests, other else, it will just execute the unit tests for that code	15:24
moguimar	yeah, I have a vault server running, it gets the addr and token from env vars	15:25
raildo	so, let's try that option and we can see the result with that	15:25
moguimar	yep	15:25
raildo	awesome	15:25
raildo	ok, so if we don't have nothing else to talk, see you guys in two weeks :)	15:26
raildo	thanks everyone!	15:26
moguimar	o/	15:27
raildo	#endmeeting	15:27
*** openstack changes topic to "OpenStack Meetings \|\| https://wiki.openstack.org/wiki/Meetings/"		15:27
bnemec	Oh, that reminds me.	15:27
openstack	Meeting ended Tue Aug 21 15:27:23 2018 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4)	15:27
openstack	Minutes: http://eavesdrop.openstack.org/meetings/oslo_config_plaintext_secrets/2018/oslo_config_plaintext_secrets.2018-08-21-15.00.html	15:27
openstack	Minutes (text): http://eavesdrop.openstack.org/meetings/oslo_config_plaintext_secrets/2018/oslo_config_plaintext_secrets.2018-08-21-15.00.txt	15:27
openstack	Log: http://eavesdrop.openstack.org/meetings/oslo_config_plaintext_secrets/2018/oslo_config_plaintext_secrets.2018-08-21-15.00.log.html	15:27
bnemec	raildo: moguimar: Were you going to be at the PTG?	15:27
moguimar	nope	15:27
raildo	bnemec, no =/	15:27
bnemec	:-(	15:28
raildo	bnemec, there will be a few members from our team, that I'll ask them to attend the oslo meeting	15:28
raildo	bnemec, so, they will be aware of that discussion and can help on it	15:29
bnemec	raildo: Okay, sounds good. Thanks.	15:29
*** gagehugo has left #openstack-meeting-3		15:31
*** yamahata has joined #openstack-meeting-3		15:38
*** dklyle has quit IRC		15:41
*** dklyle has joined #openstack-meeting-3		15:44
*** e0ne has quit IRC		15:44
*** macza has joined #openstack-meeting-3		16:00
*** njohnston has joined #openstack-meeting-3		16:03
*** markvoelker has joined #openstack-meeting-3		16:50
*** sambetts is now known as sambetts\|afk		16:52
*** jamesmcarthur has quit IRC		17:14
*** yamahata has quit IRC		17:17
*** spilla has quit IRC		17:35
*** e0ne has joined #openstack-meeting-3		17:42
*** jamesmcarthur has joined #openstack-meeting-3		17:49
*** tssurya has quit IRC		17:50
*** numans_ has quit IRC		17:54
*** diablo_rojo has joined #openstack-meeting-3		17:56
*** yamahata has joined #openstack-meeting-3		17:58
*** apetrich has joined #openstack-meeting-3		18:02
*** jamesmcarthur has quit IRC		18:08
*** mjturek has joined #openstack-meeting-3		18:10
*** NobodyCam has quit IRC		18:37
*** lamt has quit IRC		18:37
*** Adri2000 has quit IRC		18:37
*** leifz has quit IRC		18:37
*** vkmc has quit IRC		18:37
*** ttx has quit IRC		18:37
*** alaski has quit IRC		18:37
*** kencjohnston has quit IRC		18:37
*** fungi has quit IRC		18:37
*** kencjohnston_ has joined #openstack-meeting-3		18:38
*** vkmc has joined #openstack-meeting-3		18:40
*** fbouliane has quit IRC		18:42
*** TheJulia has quit IRC		18:42
*** tobberydberg has quit IRC		18:42
*** fyx has quit IRC		18:42
*** fbouliane has joined #openstack-meeting-3		18:46
*** fungi has joined #openstack-meeting-3		18:48
*** isq_ has joined #openstack-meeting-3		18:54
*** e0ne has quit IRC		18:57
*** isq has quit IRC		18:57
*** isq_ has quit IRC		18:58
*** isq has joined #openstack-meeting-3		18:58
*** TheJulia has joined #openstack-meeting-3		19:01
*** jamesmcarthur has joined #openstack-meeting-3		19:11
*** jamesmcarthur has quit IRC		19:15
*** bnemec has quit IRC		19:20
*** bnemec has joined #openstack-meeting-3		19:20
*** melwitt has quit IRC		19:33
*** sdake has quit IRC		19:33
*** melwitt has joined #openstack-meeting-3		19:34
*** sdake has joined #openstack-meeting-3		19:34
*** PagliaccisCloud has quit IRC		19:39
*** timothyb89 has quit IRC		19:39
*** Neptu has quit IRC		19:39
*** sambetts\|afk has quit IRC		19:42
*** Neptu has joined #openstack-meeting-3		19:43
*** sambetts_ has joined #openstack-meeting-3		19:45
*** PagliaccisCloud has joined #openstack-meeting-3		19:46
*** njohnston has left #openstack-meeting-3		19:55
*** beisner_ has joined #openstack-meeting-3		20:12
*** gmann_ has joined #openstack-meeting-3		20:13
*** moguimar has quit IRC		20:19
*** dobson has quit IRC		20:19
*** beisner has quit IRC		20:19
*** gmann has quit IRC		20:19
*** gmann_ is now known as gmann		20:19
*** beisner_ is now known as beisner		20:19
*** jamesmcarthur has joined #openstack-meeting-3		20:22
*** jamesmcarthur has quit IRC		20:26
*** raildo has quit IRC		20:46
*** jamesmcarthur has joined #openstack-meeting-3		20:58
*** ildikov has joined #openstack-meeting-3		21:02
*** harlowja has joined #openstack-meeting-3		21:02
*** mjturek has quit IRC		21:08
*** munimeha1 has quit IRC		21:21
*** jamesmcarthur has quit IRC		21:48
*** jamesmcarthur has joined #openstack-meeting-3		21:50
*** jamesmcarthur_ has joined #openstack-meeting-3		21:52
*** jamesmcarthur_ has quit IRC		21:55
*** jamesmcarthur has quit IRC		21:55
*** jamesmcarthur has joined #openstack-meeting-3		21:56
*** jamesmcarthur has quit IRC		22:01
*** jamesmcarthur has joined #openstack-meeting-3		22:04
*** jamesmcarthur has quit IRC		22:08
*** diablo_rojo has quit IRC		22:44
*** hongbin has quit IRC		22:44
*** diablo_rojo has joined #openstack-meeting-3		22:48
*** macza has quit IRC		23:37
*** jamesmcarthur has joined #openstack-meeting-3		23:39
*** jamesmcarthur has quit IRC		23:44

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!